Of Every 10 Businesses in Canada, Only 4 Have Data Breach Policies in Place

Updated:
March 14, 2019

Recently, the Office of the Privacy Commissioner of Canada (OPC) ordered a telephone survey - 2017 survey with Canadian businesses on privacy-related issues - of around 1,014 Canadian businesses. The goal of this survey was to learn how knowledgeable organizations are on privacy issues and requirements, understand the types of privacy policies and practices they have in place, and determine their privacy information needs.

The following were some key findings from the survey:

  • Only 4 in 10 companies surveyed have policies or procedures in place in the event of a breach.
  • When asked to rate their level of concern regarding a future data breach, the results were split. Overall, nearly half expressed at least a moderate level of concern while 50 per cent expressed low or no concern at all. The OPC said that this data indicated concern over data breaches has decreased among Canadian businesses over previous years.
  • Around 68 per cent of respondents placed an emphasis on protecting their customers' personal data. In addition, according to data from previous OPC reports, consumer concern about privacy breaches remains high. In fact, 85 per cent of Canadian indicated that news reports about privacy breaches affected their willingness to share personal information.

Among other things, the OPC survey illustrates a disconnect between organizational beliefs regarding data protection and the existence of real privacy policies. Despite continued, high-profile cyber breaches and increasing customer concern, many companies surveyed remain complacent with their level of security.

The OPC will use these survey results to enhance its outreach efforts and more effectively guide organizations on their privacy responsibilities.

Choosing the Right Type of Cyber Testing for Your Business

Taking the initiative to invest in cyber security and improve employee security awareness is vital for defending a business from cyber attacks. However, it may be necessary for businesses to re-evaluate their efforts on occasion to make sure their security measures are effective. Vulnerability scans, penetration testing, and red team exercises are three types of tests that businesses can use to assess their cyber security.

Vulnerability Scans

Vulnerability scans and assessments use automated tools to identify cyber weaknesses. They've typically used to find known or common vulnerabilities, such as those used in past breaches and those that provide paths of least resistance for attackers trying to enter the network. Vulnerability scans are most useful for small and mid-sized organizations with limited cyber security resources.

Penetration Tests

Penetration tests are simulated attacks that use information acquired from vulnerability scans in an effort to access or penetrate the enterprise network. When a penetration test occurs, enterprises and security professionals may or may not know of the test in advance. Penetration tests can be performed by internal staff or external vendors. They're most beneficial for organizations of medium maturity looking to uncover gaps in security.

Red Team Exercises

When using a red team to assess security, employees assume the exercise is a real-life situation and do not know about it in advance. Red team exercises help organizations gauge realistic responses to attempted attacks by mimicking attackers. Mature organizations with specialized cyber security skills would benefit the most from red team exercises, which can uncover security gaps both inside and outside the network. Red team exercises can be conducted by internal staff or external vendors.

Once an organization identifies which type of testing is appropriate, it should also assess the frequency of the testing. Ultimately, every new or updated technology should be subjected to thorough testing to detect and address new vulnerabilities before outside attackers find them.

Even with careful attention to training your staff and testing your networks, new cyber threats continue to enter the world daily. This means it will be very difficult to prevent any and all future attacks against your company but with proper Cyber Liability Insurance, your company will have a robust risk-management program in place.

FAQs

What is financial advising?

Financial advising involves providing guidance and advice to individuals, families, or businesses to help them make informed decisions about their financial matters. This can include various aspects such as investment planning, retirement planning, tax planning, estate planning, and more. Financial advisors analyze their clients' financial situations, goals, and risk tolerance to create customized strategies that align with their objectives.

Why is financial planning important?

Financial planning is crucial for several reasons:

Goal Achievement: It helps individuals set and achieve financial goals, whether they are short-term, such as buying a home, or long-term, like funding a comfortable retirement.

Risk Management: Financial planning addresses risks by considering insurance, emergency funds, and other protective measures.

Budgeting and Saving: It promotes responsible money management through budgeting and saving, fostering financial stability.

Wealth Building: Effective financial planning can lead to wealth accumulation and the creation of a secure financial future.

Can financial advisors help with debt?

Yes, financial advisors can help with debt management. They can assess your overall financial situation, create a budget, and develop strategies to pay down debt efficiently. They may also negotiate with creditors on your behalf, provide debt consolidation recommendations, and offer guidance on prioritizing and managing debt repayment.

What exactly does a financial advisor do?

The specific responsibilities of a financial advisor can vary, but generally, they:

  1. Conduct a thorough analysis of a client's financial situation, including income, expenses, assets, and liabilities.
  2. Develop personalized financial plans based on the client's goals, risk tolerance, and time horizon.
  3. Provide investment advice and portfolio management services.
  4. Offer guidance on retirement planning, estate planning, tax planning, and insurance.
  5. Monitor and adjust financial plans as needed based on changes in the client's life or market conditions.
  6. Educate clients on financial matters and empower them to make informed decisions.
What is the average fee for a financial advisor?

The fees charged by financial advisors can vary widely based on factors such as the advisor's experience, the services provided, and the region.

Common fee structures include:

Hourly Fees: Advisors charge an hourly rate for their services.
Flat or Fixed Fees: A set fee is charged for specific services or a comprehensive financial plan.
Asset-based Fees: Fees are a percentage of the assets under management (AUM).
Commission-based Fees: Advisors earn commissions on financial products they sell.
Combination of Fees: Advisors may use a combination of the above fee structures.

It's important to discuss and clarify fee arrangements with a potential financial advisor before engaging in their services.